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AMENDMENTS TO THE CLAIMS 

Please amend the claims as follows. 



1 . (Currently Amended) A method to support access control checks in a directory server with a 
chaining backend, comprising: 

binding a user to a multiplexer; 

forwarding an authentication sequence from the multiplexer to a first remote serve r, wherein 

the first remote server holds the user entry : 
binding the user to the first remote server; 

authenticating the user if binding to the first remote server is successful; 

binding the multiplexer as a special user to a second remote server, wherein the second 

remote server holds target data; 
sending an operation and an original user identity from the user to the multiplexer; and 
forwarding the operation from the multiplexer to the second remote server. 

2. (Original) The method of claim 1 , further comprising: 

retrieving an access control information statement from an access control list stored on the 

second remote server; and 
evaluating the operation by the second remote server using the access control statement of 

the user. 

3. (Original) The method of claim 2, wherein the access control information statement is stored 
as an attribute of an entry on the second remote server. 

4. (Original) The method of claim 3, wherein the access control information statement 
comprises a target and an access control rule. 

5. (Original) The method of claim 1 , further comprising: 

retrieving an access control information statement from an access control list stored on the 
multiplexer; and 

evaluating the operation by the multiplexer using the access control statement of the user. 
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6. (Original) The method of claim 5, wherein the access control information statement is stored 
as an attribute of an entry on the multiplexer. 

7. (Original) The method of claim 6, wherein the access control information statement 
comprises a target and an access control rule. 

8. (Original) The method of claim 1, wherein forwarding the authentication sequence to the 
first remote server occurs when a realm value sent in a digest challenge is not interpreted by 
the directory server, a target host name field of a digest response is not checked by the 
directory server, and the first remote server is part of a common realm. 

9. (Currently Amended) The method of claim 1, wherein the operation comprises an internal 
operation portion and a user issued an e xt e rnal operation portion. 

10. (Original) The method of claim 9, further comprising: 

chaining the internal operation portion based on an identity of a component issuing the 
internal operation. 

1 1 . (Original) The method of claim 2, further comprising: 

enabling retrieval of the access control information statement on a remote server basis. 

12. (Original) The method of claim 2, further comprising: 

disabling retrieval of the access control information statement on a remote server basis. 

13. (Original) The method of claim 6, further comprising: 

retrieving the entry to evaluate an access control list on the multiplexer. 

14. (Original) The method of claim 13, wherein the entry comprises a user. 

15. (Original) The method of claim 13, wherein the entry comprises a group. 

16. (Currently Amended) A computer system to support access control checks in a directory 
server with a chaining backend, comprising: 

a processor; 
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a memory; and 

software instructions stored in the memory for enabling the computer system under control 
of the processor, to perform: 
binding a user to a multiplexer; 

forwarding an authentication sequence from the multiplexer to a first remote server^ 

wherein the first remote server holds the user entry ; 
binding the user to the first remote server; 

authenticating the user if binding to the first remote server is successful; 

binding the multiplexer as a special user to a second remote server, wherein the 

second remote server holds target data; 
sending an operation and an original user identity from the user to the multiplexer; 

and 

forwarding the operation from the multiplexer to the second remote server. 

17. (Original) The computer system of claim 16, wherein the software instructions further 
comprise instructions to perform: 

retrieving an access control information statement from an access control list stored 

on the second remote server; and 
evaluating the operation by the second remote server using the access control 

statement of the user. 

18. (Original) The computer system of claim 16, wherein the software instructions further 
comprise instructions to perform: 

retrieving an access control information statement from an access control list stored 

on the multiplexer; and 
evaluating the operation by the multiplexer using the access control statement of the 

user. 

19. (Currently Amended) An apparatus to support access control checks in a directory server 
with a chaining backend, comprising: 

means for binding a user to a multiplexer; 
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means for forwarding an authentication sequence from the multiplexer to a first remote 

serve r, wherein the first remote server holds the user entry ; 
means for binding the user to the first remote server; 

means for authenticating the user if binding to the first remote server is successful; 

means for binding the multiplexer as a special user to a second remote server, wherein the 

second remote server holds target data; 
means for sending an operation and an original user identity from the user to the multiplexer; 

and 

means for forwarding the operation from the multiplexer to the second remote server. 

20. (Original) The apparatus of claim 19, further comprising: 

means for retrieving an access control information statement from an access control list 

stored on the second remote server; and 
means for evaluating the operation by the second remote server using the access control 

statement of the user. 

21 . (Original) The apparatus of claim 1 9, further comprising: 

means for retrieving an access control information statement from an access control list 

stored on the multiplexer; and 
means for evaluating the operation by the multiplexer using the access control statement of 

the user. 



